We are getting regular threat protection error 500 internal in response side.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="SEC-REP-PayloadInjectionScan">
<DisplayName>SEC-REP-PayloadInjectionScan</DisplayName>
<Properties/>
<Source>message</Source>
<IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
<JSONPayload>
<JSONPath>
<Expression>$.</Expression>
<!--SQL Injection -->
<Pattern ignoreCase="true">\b(ALTER( +TABLE){1,1}|CREATE( +TABLE| +INDEX| +DB| +DATABASE| +VIEW){1,1}|(DELETE[*\s+]+FROM)|DROP( +TABLE| +INDEX| +DB| +DATABASE){1,1}|TRUNCATE( +TABLE){1,1}|EXECUTE\s?([a-z]|[A-Z])+(;){1,1}|SQL INCLUDE\s[+]\s([(]+[a-z]|[a-z])+[)]|MERGE\s?([a-z]|[A-Z])+\s?(AS)\s?([a-z]|[A-Z])+(;)|INSERT( +INTO){1,1}|((SELECT)(\s+[\S,\s]+\s+))(FROM)|(UPDATE)(\s+[\S,\s]+\s)(SET)\s*( +ALL){0,1})</Pattern>
<!-- Server side include -->
<Pattern ignoreCase="true">\b(((echo\s([a-z]|[A-Z])+[=]){1,1})|(exec\s([a-z]|[A-Z])+[=])|(config\s([a-z]|[A-Z])+[=])|(include\s([a-z]|[A-Z])+[=])|(cpt\s([a-z]|[A-Z]+[=]))|(cookie\s([a-z]|[A-Z])+[=])|(printenv)\b)</Pattern>
</JSONPath>
</JSONPayload>
</RegularExpressionProtection>

could you please let us know what is the issue and how to resolve it?

@anilsr 

Thanks,

Mk